Our investigation of urcuithla.co[.]in demonstrates that it is a deceptive website designed to trick visitors into granting permission to show notifications. Once allowed, the site abuses this permission to promote scams, untrustworthy pages, apps, etc. For this reason, users should avoid acceptin
WebStatSearch is a browser extension promoted as a tool that provides statistics and other information concerning the currently open website. After analyzing this piece of software, we determine that it is a browser hijacker. It modifies browser settings to promote the odsrchrdr.com fake search en
During our inspection of malware samples uploaded to VirusTotal, we discovered Se7en, a ransomware belonging to the Babuk family. Once executed, Se7en encrypts files, appends the ".se7en" extension to filenames, and creates a ransom note ("How To Restore Your Files.txt"). An example of how files a
We have inspected quizmytab.com and discovered that it is a fake search engine promoted through an extension called QuizMyTab. This extension promotes quizmytab.com by hijacking a web browser. Users should avoid using fake search engines and extensions that function as browser hijackers, and remov
Our analysis of Surfer Search has revealed that it is an extension that operates as a browser hijacker. We came to this conclusion after noticing that it changes the settings of a web browser to promote a fake search engine. Users should avoid extensions like Surfer Search and use only legitimate
Our research team discovered the Vera browser extension while investigating suspicious sites. It is endorsed as a productivity-enhancing tool that allows users to create "focus lists". Upon examination, we learned that this extension operates as a browser hijacker. Vera modifies browser se
Our researchers found the Shopping Helper+ browser hijacker while investigating suspicious websites. This extension is endorsed as a tool that improves the online shopping experience. Shopping Helper+ alters browser settings to promote the ocsrchrdr.com fake search engine (potentially others).
Searchmycurrency.com is a fake search engine that our researchers discovered while analyzing the Search My Currency browser hijacker. Websites of this kind usually cannot provide search engines and redirect to legitimate search engines. It is noteworthy that searchmycurrency.com could also be endo
While investigating rogue websites, our researchers discovered the Nviqri Someq Utils PUA (Potentially Unwanted Application). After analyzing this software, we determined that it infiltrates the Legion Loader malware into systems. Usually, Potentially Unwanted Applications (PUAs) possess u
Our analysis of conthlogiseirib.co[.]in has uncovered that it is a deceptive website crafted to manipulate visitors into granting permission for notifications. Once granted, this permission is exploited to promote scams and other unreliable web pages. Therefore, users should never agree to receive